Forum Discussion

REddy's avatar
Icon for Nimbostratus rankNimbostratus
Feb 24, 2022

HSL Loggin & Splunk

Hi Everyone,

We are trying to build to HSL logging via the irules to the splunk. Here are the steps implemented so far.

1. created a UDP 514 pool with remote logging servers.

set client_address [IP::client_addr]
set syslogpool "splunk_hsl_pool_514"
set vip [IP::local_addr]
set hsl [HSL::open -proto UDP -pool $syslogpool]
set ssl_cipher_negotiated [SSL::cipher name]
set ssl_version [SSL::cipher version]
#log local0. "Ciphers: $ssl_cipher_negotiated & the version :$ssl_version"
HSL::send $hsl "Ciphers: $ssl_cipher_negotiated & the version :$ssl_version"

3. The irule applied on to the Virtual servers.

I couldnt see anything when i search in splunk. It would be great if any one can help me with this.